How to get the CSP name from a certificate containing the private key?

  I was testing with some code to get the CSP name from a certificate containing the private key. A sample code is shown below: // GetCSPFromCert.cpp : Defines the entry point for the console application. // #include "stdafx.h" #include <stdio.h> #include <windows.h> #include <wincrypt.h> #pragma comment(lib, "crypt32.lib") #define MY_ENCODING_TYPE  (PKCS_7_ASN_ENCODING | X509_ASN_ENCODING) // Replace…

2

How to take a quartz log?

  Many a times I do get this questions from my varied customers and colleagues and I cannot answer them instantly or even after looking here and there for a day. So I just wanted to blog it. Please see the MSDN link http://msdn.microsoft.com/en-us/library/dd388394(v=VS.85).aspx for the steps in getting the logs. Here are some steps…

0

Getting a “System.ArgumentException: Value was invalid” when trying to sign data using SHA256CryptoServiceProvider Here is the symptom:

1. You are using RSACryptoServiceProvider for computing SHA-2 signatures. 2. Doing this you get unhandled exceptions of type "System.ArgumentException" in mscorlib.dll saying "Value was invalid". 3. A typical call that failed was: byte[] signature = rsa.SignData(data, new SHA256CryptoServiceProvider()); 4. The SHA1CryptoServiceProvider did not reproduce the exception. 5. Additionally you have FIPS policy enabled. The environment…

0

Getting a “System.ArgumentException: Value was invalid” when trying to sign data using SHA256CryptoServiceProvider

  Here is the symptom: 1.    You are using RSACryptoServiceProvider for computing SHA-2 signatures. 2.    Doing this you get unhandled exceptions of type "System.ArgumentException" in mscorlib.dll saying "Value was invalid". 3.    A typical call that failed was: byte[] signature = rsa.SignData(data, new SHA256CryptoServiceProvider()); 4.    The SHA1CryptoServiceProvider did not reproduce the exception. 5.    Additionally you have…


Compliance of .Net security libraries about verifying a CMS Advanced Electronic Signatures (CAdES) message

CAdES is an extension of CMS and these extensions, where present, require a different process to check the signature. Our .Net security libraries (System.Security.Cryptography) though verify a CAdES message; it actually ignores the CAdES part within the message.   SignedCms can verify a message with a CAdES signature but it does not verify the CAdES…


Dealing with Administrator and standard user’s context

With introduction of UAC, I often get two questions for Windows Vista and later. 1)      How to launch an application in the Administrative context from an application which is running in standard user’s context? 2)      How to launch application in standard user’s context from an application which is running in administrative context?   The first…


How to make your custom RNG (random number generator) implementation the default RNG provider for the system using CNG API’s

  If you have implemented your random number generator make sure that you register it using BCryptRegisterProvider function. Add the algorithm name to the list of symmetric cipher algorithm class using BCryptAddContextFunction.   Example:   BCryptAddContextFunction(                         CRYPT_LOCAL,              // Scope: local machine only                         NULL,                     // Application context: default                         BCRYPT_RNG_INTERFACE,     // Algorithm class                        …


How to use ADSI/LDAP API’s for querying active directory using credentials derived from a Smart Card

There are no ADSI/LDAP API’s that eventually could directly use the Smart Card Credentials. We could follow the steps below: 1.  Get the user credentials by reading in the certificate from the Smart card. 2.  Call LogonUser() to get the user’s token. 3.  Use this token to impersonate the user. 4.  Under the impersonated user’s…


Screen capture using Windows Media Encoder

If you have to screen capture using Windows Media Encoder please follow the steps below. Start Windows Media Encoder (WM Encoder). To download WM encoder please refers to the link http://www.microsoft.com/downloads/details.aspx?FamilyID=5691ba02-e496-465a-bba9-b2f1182cdf24&displaylang=en. The file is “WMEncoder.exe” which is of size 9.45 MB approximately. Install it and you get Windows Media under Start-> All Programs.    To…


You might get a high CPU usage while decrypting using RSA keys

  You might get a high CPU usage while decrypting using RSA keys     The root cause of this issue (high CPU usage while decrypting using RSA keys) is as stated in the MSDN link http://msdn.microsoft.com/en-us/magazine/cc163676.aspx. The name of the article is “Encrypting without Secrets” by Keith Brown.   The points to look at…